We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDropper:Win32/Nuwar.A
Detected by Microsoft Defender Antivirus
Aliases: Win32/Pecoan.S (CA) Email-Worm.Win32.Zhelatin.dz (Kaspersky) W32/Zhelatin.gen (McAfee) W32/Tibs.AGHR (Norman) Mal/Dorf-A (Sophos) Trojan.Packed.13 (Symantec) TROJ_MULP.BX (Trend Micro)
Summary
TrojanDropper:Win32/Nuwar.A is a Trojan that drops and installs Backdoor:Win32/Nuwar.A or Backdoor:Win32/Nuwar.B onto an infected computer.
Backdoor:Win32/Nuwar is a Backdoor Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This Trojan also contains advanced stealth functionality that allows it to hide particular files, registry entries and registry values.
Related Malware
Backdoor:Win32/Nuwar may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx.
Follow us
